CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

544 matches found

Cvelist•added 2022/11/16 12:0 a.m.•24 views

CVE-2022-4018 Missing Authentication for Critical Function in ikus060/rdiffweb

Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6...

6.1CVSS5AI score0.00809EPSS

Exploits1References2

CNNVD•added 2022/11/16 12:0 a.m.•2 views

Rdiffweb 访问控制错误漏洞

Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. Provides quick access to your archives through an efficient web interface. An access control error vulnerability exists in Rdiffweb versions prior to 2.5.0a6, which stems from a lack of authentication for critic...

6.1CVSS5.7AI score0.00809EPSS

Exploits1References4

Positive Technologies•added 2022/11/16 12:0 a.m.•2 views

PT-2022-25260 · Rdiffweb · Rdiffweb

Name of the Vulnerable Software and Affected Versions: rdiffweb versions prior to 2.5.0a6 Description: The issue concerns a missing authentication mechanism for a critical function in the rdiffweb GitHub repository. Recommendations: For versions prior to 2.5.0a6, update to version 2.5.0a6 or late...

6.1CVSS5.3AI score0.00809EPSS

Exploits1References10

CVE•added 2022/11/16 12:0 a.m.•83 views

CVE-2022-4018

CVE-2022-4018 affects the GitHub repository ikus060/rdiffweb, with versions prior to 2.5.0a6 vulnerable due to a missing authentication mechanism for a critical function. Multiple sources (GHSA, OSV, NVD, CVE lists, PT security advisories) corroborate the issue and reference an access-control fai...

6.1CVSS4.8AI score0.00809EPSS

Exploits1References2Affected Software1

OSV•added 2022/11/16 12:0 a.m.•20 views

CVE-2022-4018 Missing Authentication for Critical Function in ikus060/rdiffweb

Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6...

6.1CVSS5.5AI score0.00809EPSS

Exploits1References4

OSV•added 2022/11/15 12:0 p.m.•10 views

GHSA-94QM-99QC-QWQJ rdiffweb vulnerable to Insufficient Session Expiration

Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0...

9.8CVSS9.5AI score0.00876EPSS

Exploits1References5

Github Security Blog•added 2022/11/15 12:0 p.m.•20 views

rdiffweb vulnerable to Insufficient Session Expiration

Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0...

9.8CVSS9AI score0.00876EPSS

Exploits1References5Affected Software1

NVD•added 2022/11/14 9:15 p.m.•22 views

CVE-2022-3362

Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0...

9.8CVSS0.00876EPSS

Exploits1References2

PyPA•added 2022/11/14 9:15 p.m.•5 views

PYSEC-2022-43000

Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0...

9.8CVSS6.8AI score0.00876EPSS

Exploits1References5Affected Software1

Prion•added 2022/11/14 9:15 p.m.•16 views

Session fixation

Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0...

7.5CVSS9.5AI score0.00876EPSS

Exploits1References2Affected Software1

OSV•added 2022/11/14 9:15 p.m.•12 views

PYSEC-2022-43000

Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0...

9.8CVSS6.8AI score0.00876EPSS

Exploits1References5

Vulnrichment•added 2022/11/14 12:0 a.m.•5 views

CVE-2022-3362 Insufficient Session Expiration in ikus060/rdiffweb

Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0...

6.1CVSS6.7AI score0.00876EPSS

Exploits1References2

Cvelist•added 2022/11/14 12:0 a.m.•27 views

CVE-2022-3362 Insufficient Session Expiration in ikus060/rdiffweb

Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0...

6.1CVSS9.8AI score0.00876EPSS

Exploits1References2

CNNVD•added 2022/11/14 12:0 a.m.•4 views

Rdiffweb 代码问题漏洞

Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. Provides quick access to your archives through an efficient web interface. A code issue vulnerability exists in rdiffweb versions prior to 2.5.0, where the source session expires insufficiently...

9.8CVSS6.9AI score0.00876EPSS

Exploits1References4

OSV•added 2022/11/14 12:0 a.m.•20 views

CVE-2022-3362 Insufficient Session Expiration in ikus060/rdiffweb

Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0...

6.1CVSS6.7AI score0.00876EPSS

Exploits1References4

CVE•added 2022/11/14 12:0 a.m.•80 views

CVE-2022-3362

CVE-2022-3362 affects ikus060/rdiffweb prior to 2.5.0, due to insufficient session expiration. This is documented as a high-severity issue (CVE base score 9.8, critical) with network access required and no user interaction. The vulnerability arises from inadequate session expiration handling in t...

9.8CVSS7.8AI score0.00876EPSS

Exploits1References2Affected Software1

OSV•added 2022/10/27 12:0 p.m.•10 views

GHSA-JW36-MRVG-J5FX Rdiffweb subject to Business Logic Errors

Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7...

9.8CVSS9.5AI score0.0075EPSS

Exploits0References5

Github Security Blog•added 2022/10/27 12:0 p.m.•16 views

Rdiffweb subject to Business Logic Errors

Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7...

9.8CVSS9AI score0.0075EPSS

Exploits0References5Affected Software1

Veracode•added 2022/10/27 1:26 a.m.•18 views

Business Logic Errors

rdiffweb contains business logic errors. A privileged local attacker is able to disable multi factor authentication, which leads to unauthorized access...

9.8CVSS8.6AI score0.0075EPSS

Exploits0References2Affected Software1

NVD•added 2022/10/26 9:15 p.m.•18 views

CVE-2022-3363

Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7...

9.8CVSS0.0075EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by